Home Explore Help
Sign In
coder
/
SMBLibrary-Fork
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

IndependentNTLMAuthenticationProvider: Workaround for NTLMv2 with LmChallengeResponse length of 0 bytes

Tal Aloni 7 years ago
parent
efce34f5d6
commit
af50099f22
1 changed files with 8 additions and 4 deletions
Split View Show Diff Stats
  1. 8 4
      SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs

+ 8 - 4
SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
View File 

@@ -301,11 +301,15 @@ namespace SMBLibrary.Authentication.NTLM
 
         /// </summary>

         private bool AuthenticateV2(string domainName, string accountName, string password, byte[] serverChallenge, byte[] lmResponse, byte[] ntResponse)

         {

-            byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);

-            byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainName);

-            if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))

+            // Note: Linux CIFS VFS 3.10 will send LmChallengeResponse with length of 0 bytes

+            if (lmResponse.Length == 24)

             {

-                return true;

+                byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);

+                byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainName);

+                if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))

+                {

+                    return true;

+                }

             }

 

             if (AuthenticationMessageUtils.IsNTLMv2NTResponse(ntResponse))